Small and midsize businesses (SMBs) are finally coming to the realization that cyberattacks aren’t only aimed at large enterprises. They’re discovering that attacks can happen to them too—and frequently do. SMBs have fewer resources to dedicate to cybersecurity, often making them more vulnerable to attack and therefore more attractive to cybercriminals.
Research bears this out. In a recent survey by the Small Business Administration, 88% of small-business owners said they believe their business is vulnerable to a cyberattack. Additionally, many of these businesses said they don’t have the budget to pay for solutions and have limited time and resources to devote to cybersecurity.
At the same time, organizations that are increasingly concerned about the risk to their business don’t know where to begin. If that’s the case for your business, you can begin with these four steps. They’re simple, they will significantly improve your cybersecurity posture, and they’re relatively quick to implement—which is critical. Because cyberattacks can interrupt revenue and derail growth investments, with the total cost of a data breach averaging $3.86 million in 2020, according to the Ponemon Institute.
1. GET 24/7 CYBERSECURITY MONITORING
Many SMBs think they lack the budget and personnel to implement around-the-clock monitoring and detection of cyberthreats across their infrastructure. But that’s not the case. Today, there are a growing number of managed detection and response (MDR) service providers that can help organizations continually watch for any incoming threats (detect), and then take action (respond) to security incidents if and when they happen.
These MDR providers have teams of security analysts, threat hunters, and researchers who will monitor your network and devices and analyze incidents and respond to them, thereby minimizing the potential negative impact on your business. These services can cost less than the salary of a single in-house cybersecurity expert.
Why do you need 24/7 monitoring? Because cybercriminals don’t work 9 to 5. They’re scattered around the world and can attack anytime, day or night. Utilizing 24/7 monitoring by an experienced MDR provider is essential to remove your blind spots.
2. ENABLE MULTI-FACTOR AUTHENTICATION
With millions of passwords constantly stolen and made available to attackers, multi-factor authentication (MFA) is one of the most important security features you can use to protect your company. MFA provides an extra layer of security and makes stolen passwords useless by requiring a ‘second factor,’ such as a security token or your phone, to provide access to your email or business applications. Getting started with MFA is easy because most applications support it now. And it’s high-value because it means threat actors need more than just a password to get in and cause damage. That makes their job a lot more difficult and greatly reduces the likelihood that a bad actor will be able to use a stolen password to wreak havoc on your business. When confronted with MFA, many attackers will move on to a more vulnerable target.
3. PUT AN INCIDENT RESPONSE (IR) RETAINER IN PLACE
If a security breach happens, it’s vital to have a plan in place that will quickly guide you through your response and mitigate any damage. The plan should outline the procedures your company will follow in case of a successful attack, as well as the roles and responsibilities of the employees who will complete those tasks.
Most companies do not have the expertise or experience required to create an effective plan or to execute it flawlessly at crunch time. The same goes for investigating an attack, recovering quickly, and taking the steps to ensure it never happens again. That’s where an incident response retainer comes in. This is an agreement set up in advance of a cyber incident that entitles you to priority support, planning services, and expertise from a security provider should a breach occur.
Incident response retainers can be low-cost and high-impact because, if a breach does occur, you’re fast-tracked from the get-go. This gives you a much better chance of reducing your recovery time and lowering the cost of the breach. The retainer you choose should offer flexibility in how the provider uses the hours it promises to you. If you never experience a cyberattack, the provider should spend those hours building proactive services that strengthen your security posture.
4. PUT A VULNERABILITY MANAGEMENT PROGRAM IN PLACE
A large number of security incidents occur when hackers take advantage of software flaws, known as vulnerabilities. Many high-profile vulnerabilities have affected millions of organizations. Vulnerability management is the process of prioritizing and applying updates to patch these issues. Discovering and prioritizing vulnerabilities can be difficult for organizations that are already spread thin. However, these aspects of vulnerability management can also be delivered by an MDR service provider.
The reality is that most bad actors are not discovering new vulnerabilities. Instead, they exploit known vulnerabilities before organizations patch them. So by patching your systems and applications on a regular basis, you can eliminate a large number of cyberthreats and greatly reduce your security risk. Regularly patching your systems can also deliver other benefits such as ensuring they run smoothly with maximum uptime.
Vulnerability management should be done on a regular basis. That way, you’re not always wondering what needs to be patched when. And you’re never caught flat-footed. Your systems and applications should be patched on a schedule, with any high-severity vulnerabilities addressed immediately.
A lot of SMBs still think they’re not big enough to interest cybercriminals. This has been proven false. According to the Verizon Data Breach Investigations Report, 43% of attacks are now aimed at small businesses. That’s because the driving motivation of most attackers is not to find the biggest targets but the easiest targets. If you operate a small or mid-size business, it’s time to raise your security game. The good news is that by taking a few basic steps, you can greatly reduce the risk of an attack and keep your business on the path to growth.
Lyndon Brown is Chief Strategy Officer at Pondurance.